Requests for information
1 SCOPE: National
This policy applies nationally to all entities within the Silverchain group of companies. In this policy, reference to “Silverchain” or “we” means Silver Chain Group Limited and its related bodies corporate (as that term is defined in the Corporations Act 2001 (Cth).”
The purpose of this policy is to outline how Silverchain protects the privacy of individuals.
Silverchain is a not-for-profit charitable organisation that provides healthcare and home support services to those in need within the community. We routinely collect personal and sensitive information from individuals to enable us to carry out these services.
3 POLICY DESCRIPTION
Silverchain is committed to the protection of privacy and the compliant management of personal information. This document sets out our policies and responsibilities in relation to the collection, use, storage, management and disclosure of your personal information.
Health information has the meaning provided in the Privacy Act 1988 (Cth) and includes:
- information or an opinion about the health, including an illness, disability or injury, of an individual;
- an individual’s expressed wishes about the future provision of health services to the individual;
- a health service provided, or to be provided, to an individual;
- other personal information collected to provide, or in providing a health service, to an individual; and
- other personal information collected in connection with the donation, or intended donation, by an individual of their body parts, organs or body substances;
- genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual.
Personal information has the meaning provided in the Privacy Act 1988 (Cth) and means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
Personal information includes sensitive information and health information.
Privacy Legislation means all privacy legislation which may apply to Silverchain and includes the Privacy Act 1988 (Cth), the Health Records and Information Privacy Act 2002 (NSW) and the Health Records Act 2001 (Vic);
Privacy Principles means the Australian Privacy Principles set out in Schedule 1 of the Privacy Act 1988 (Cth).
Privacy Officer means Silverchain’s nominated Privacy Officer.
Sensitive information has the meaning provided in the Privacy Act 1988 (Cth) and means information or opinion about an individual’s:
- racial or ethnic origin;
- political opinions;
- membership of a political association;
- religious beliefs or affiliations;
- philosophical beliefs;
- membership of a professional or trade association;
- membership of a trade union;
- sexual preferences or practices;
- criminal record that is also personal information;
- health information; or
- genetic information that is not otherwise health information’
- biometric information; or
- biometric templates.
Website means the Silverchain website at www.silverchain.org.au and any associated sub-domain.
5 COLLECTION OF PERSONAL AND SENSITIVE INFORMATION
Silverchain respects the privacy of individuals and is open about the way it handles all personal information (including sensitive information and health information) given to it by staff, volunteers, clients, healthcare professionals, government agencies and members of the public.
We need to collect and store your person information, including your health information, in order to help you receive the right care and services for your needs, managing our business (including for quality assurance, practice accreditation and record keeping purposes), handling complaints and incidents, providing you with information about our products and services that may be of interest to you, and for accounts and billing purposes.
The types of personal information we collect include:
Silverchain Clients and Prospective Clients
- contact details (including name, address, telephone number, email for client, emergency and family contacts);
- personal details (which may include date of birth, gender, nationality, religious affiliations, Medicare and health fund details);
- health information (see clause 7 of this Policy); and
- credit card and bank account details.
Silverchain Employees, Volunteers, Candidates for Volunteer Work and Prospective Employees
- contact details (including name, address, telephone number, email);
- personal details (including date of birth, country of birth, citizenship, residency and visa details);
- details of emergency contact persons;
- information provided by the individual relating to qualifications, skills and experience; languages spoken, drivers license details;
- information and opinions from referees for prospective employees and candidates for volunteer work;
- bank account details;
- results of a Police Check; and
- health information (as expressly requested by Silverchain in which case the reason for collection of this information will be provided).
- contact details (including name, address, telephone number, email);
- personal details (which may include date of birth, gender, income, areas of interest, donation history); and
- credit card and bank account details.
Service Providers, Subcontractors and Other Non-Client Individuals
Silverchain may collect personal information from individuals who are not clients of Silverchain. This could include individuals from:
- current or prospective service providers or sub-contractors;
- other commercially based relationships; or
- healthcare professionals who provide services or refer clients to Silverchain
If you choose not to provide us with some or all of the information we request, we may not be able to provide you with some or all of the care and services you need.
6 HOW Silverchain COLLECTS INFORMATION
6.1 Silverchain may collect personal information in a number of ways. Where possible, Silverchain will collect your personal information from you directly. Personal information is collected by us through various means, including telephone, face to face meetings, forms and questionnaires and online through portals, emails and our website.
6.2 In some situations, we may also obtain personal information about an individual from a third party. In these circumstances, we will take reasonable steps to ensure that you are aware of the purpose for which the information was obtained and how the information will or may be disclosed For example, we may collect information from your doctor, or from a referee whose details have been provided by you, or from another person whom you have given us the authority to contact.
6.3 For more information on how we collect, hold, use and disclose personal information, please consult our Privacy Collection Statement, which is provided to you at the time of collecting personal information or is available online here.
7 HEALTH INFORMATION
7.1 In order to provide services to you, Silverchain will need to collect your health information. This may include a your medical history, treatment notes, care plans, medications, photographic images, healthcare preferences, information about healthcare professionals involved in your care, and information about any other person who may be responsible for making your healthcare decisions.
7.2 If we collect health information from a third party (for example a doctor or specialist health provider) Silverchain will let you know that this information has been collected and we will explain how the information will be used and disclosed.
7.3 If Silverchain wishes to use health information provided by you for research or statistical purposes, this information will be de-identified unless you have given your express consent for us to identify you.
8.1 We will obtain your consent before collecting, using or disclosing your health information, unless it is unreasonable or impracticable for us to do so.
8.2 We may not be able to obtain consent directly from you if you are not able to communicate consent to us for reasons which may include age, mental incapacity or other illness.
8.3 In these circumstances, we may be limited in how we can collect, use and disclose your personal information. We will only do so in accordance with the Privacy Legislation.
8.4 If you are not able to provide your consent, the Privacy Legislation allows us to obtain consent from your legal guardian or someone else who is entitled to act on your behalf.
8.5 If you cannot give us your consent for any reason, the Privacy Legislation also allows us to disclose your personal information in limited circumstances if the disclosure is necessary to enable us to provide you with appropriate care or treatment.
9 USE AND DISCLOSURE OF PERSONAL INFORMATION
9.1 Other than as set out in this Policy, Silverchain will only use and disclose your personal information for the purpose for which it was collected.
9.2 We may share your personal information within the divisions and bodies corporate forming part of Silverchain.
9.3 We may also disclose your personal information to third parties including:
- government departments and agencies who provide funding for Silverchain services;
- external assessment entities and agencies;
- emergency services (including ambulance, police, fire brigade) who may be called upon to assist during the delivery of Silverchain services;
- doctors, health care professionals and third parties, who assist us to deliver our services;
- other regulatory bodies (for example WorkSafe, the Workplace Gender Equality Agency, Centrelink);
- attorneys, guardians, substitute decision-makers or family members where consent has been provided by you
- referees, provided by you;
- former employers of people who apply for employment or volunteer services at Silverchain;
- credit agencies;
- third-party providers to facilitate a service or function such as encrypted online payment facilities maintained by third-party providers or third-party cookies on our website (see our Terms and Conditions for more information on cookies); and
- Silverchain’s professional advisers, including lawyers, accountants, insurers and auditors.
9.4 Except as set out above, Silverchain will not disclose your personal information to a third party unless:
- you have consented to the release;
- the release is authorised or required by law; or
- Silverchain reasonably believes that you or someone else will be harmed if the release is not made.
9.5 Unless you have opted not to receive such communications, Silverchain may use personal information to contact you (including in person or by telephone, email or text message) in relation to services and products provided by Silverchain that we reasonably believe may be of interest you. This may include products and services provided by the various divisions and related bodies corporate within Silverchain. For example, if you receive health care services from Silverchain, we may contact you in relation to aged care services or products that we reasonably believe may be of interest to you. You may at any time opt out of receiving such communications by calling Silverchain on 1300 650 803 or by emailing firstname.lastname@example.org.
9.6 Silverchain is legally required to retain some records of your personal information for a length of time. Client records will be held for a minimum of 7 years from the date of the last interaction, records of children will be held until the client attains, or would have attained, the age of 25, and in the case of non-client records, we will maintain these until no longer required.
9.7 Silverchain may store your personal information outside Australia. If we do so, we will take reasonable steps to ensure that the overseas recipient protects your personal information in accordance with the Privacy Legislation.
10 RELEASE OF IMAGES OR PERSONAL INFORMATION FOR PUBLICITY PURPOSES
10.1 Silverchain produces publications (including information brochures and a regular newsletter) and from time to time runs promotional campaigns to raise awareness of its services, raise funds and provide information to the public and other stakeholders. Some of these publications include photographs, video footage and sound recordings in electronic media.
10.2 Wherever practicable, we will obtain your consent before using or publishing any image or recording of you for marketing purposes.
11 ACCESS TO AND CORRECTION OF YOUR PERSONAL INFORMATION
11.1 Under the Privacy Legislation (subject to some exceptions), you have a right to access personal information which we hold about you. You also have a right to ask Silverchain to correct personal information which is inaccurate, incomplete or out of date.
11.2 Silverchain undertakes:
- to deal with requests to correct your personal information promptly and confidentially;
- to correct any inaccurate or out of date information which is brought to our attention; and
- to ensure that your request to access your personal information will not affect any commercial or professional relationship which you may have with Silverchain.
11.3 Requests for information or access to your information, or corrections to your personal information should be made to the Silverchain Privacy Officer whose contact details are set out in clause 13 of this Policy. You must put your request must be in writing and provide proof of your identity.
11.4 Silverchain will take all reasonable steps to provide you with access or the information requested by you within 14 days of your request. If we need more time, (for example, if we need to access a large volume of information) we will use our reasonable efforts to provide you with access or the information requested within 30 days of your request.
11.5 Silverchain may charge you reasonable fees to reimburse us for the cost incurred in meeting your request for information, including photocopying and delivery cost of information which is stored offsite.
11.6 Silverchain may refuse access to information requested by you in certain circumstances. These include if:
- the request relates to personal information about someone other than you;
- providing you with access would pose a serious and imminent threat to the life or health of a person;
- providing you with access would create an unreasonable impact on the privacy of others;
- the request is frivolous or vexatious;
- providing access would prejudice negotiations between you and Silverchain;
- access would be unlawful;
- denial of access is authorised or required by law;
- access would prejudice law enforcement activities;
- access discloses a ‘commercially sensitive’ decision making process or information; or
- any other reason that is provided for in the Privacy Legislation.
11.7 If we deny you access to any information requested by you, we will give you our written reasons for doing so. If there is a dispute about your right of access to information, this will be dealt with in accordance with the complaints procedure set out in clause 14 of this Policy.
12 SECURITY OF PERSONAL INFORMATION
We store personal information electronically and/or in paper copy form. We take reasonable steps to protect the security of the personal information we hold, including protections against unauthorized access, virus, fire, theft or loss. Our staff are bound by confidentiality agreements regarding the protection of client’s personal information.
13 QUESTIONS AND REQUESTS
13.1 Silverchain has appointed a Privacy Officer who can be contacted about any questions or requests regarding this policy, including dealing with any complaints or requests to update or correct details of your personal information. You can also contact the Privacy Officer if you require a copy of this policy in a format that is accessible to you.
13.2 The Privacy Officer's contact details are as follows:
(08) 9242 0242
The Privacy Officer
6 Sundercombe Street
Osborne Park WA 6017
14.1 If you have provided us with personal and sensitive information or we have collected and hold your personal information, you have a right to make a complaint and have it investigated and dealt with under this complaints procedure.
14.2 Any complaint should be sent in writing or by email to the Privacy Officer at the address set out in Paragraph 13.2 of this Policy.
14.3 We will use our reasonable endeavours to resolve any complaint within a reasonable timeframe, which will usually not be longer than 30 days. However, if the matter is complex, resolution of your complaint may take longer.
14.4 We will keep a record of your complaint and the outcome.
14.5 If you are not satisfied with our response to your complaint, or if you think there has been a breach of the Privacy Legislation, you are also entitled to make a complaint to the Office of the Australian Information Commissioner. The Office of the Australian Information Commissioner can be contacted by telephone on 1300 363 992. Full contact details for the Office of the Australian Information Commissioner can be found online at www.oaic.gov.au.